Auto-Update: 2023-12-11T03:00:20.086039+00:00

This commit is contained in:
cad-safe-bot 2023-12-11 03:00:24 +00:00
parent 2e96d8c263
commit a8fce70cb0
3 changed files with 122 additions and 6 deletions

View File

@ -0,0 +1,28 @@
{
"id": "CVE-2023-50465",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-11T01:15:07.013",
"lastModified": "2023-12-11T01:15:07.013",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A stored cross-site scripting (XSS) vulnerability exists in Monica (aka MonicaHQ) 4.0.0 via an SVG document uploaded by an authenticated user."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/Crypt0Cr33py/monicahqvuln",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/monicahq/monica/releases",
"source": "cve@mitre.org"
},
{
"url": "https://www.monicahq.com",
"source": "cve@mitre.org"
}
]
}

View File

@ -0,0 +1,88 @@
{
"id": "CVE-2023-6659",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-12-11T01:15:07.073",
"lastModified": "2023-12-11T01:15:07.073",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, has been found in Campcodes Web-Based Student Clearance System 1.0. This issue affects some unknown processing of the file /libsystem/login.php. The manipulation of the argument student leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-247367."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/Kidjing/cve/blob/main/sql1.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.247367",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.247367",
"source": "cna@vuldb.com"
}
]
}

View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update ### Last Repository Update
```plain ```plain
2023-12-11T00:55:18.290128+00:00 2023-12-11T03:00:20.086039+00:00
``` ```
### Most recent CVE Modification Timestamp synchronized with NVD ### Most recent CVE Modification Timestamp synchronized with NVD
```plain ```plain
2023-12-10T23:15:07.313000+00:00 2023-12-11T01:15:07.073000+00:00
``` ```
### Last Data Feed Release ### Last Data Feed Release
@ -23,21 +23,21 @@ Repository synchronizes with the NVD every 2 hours.
Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest) Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest)
```plain ```plain
2023-12-10T01:00:13.565250+00:00 2023-12-11T01:00:13.557213+00:00
``` ```
### Total Number of included CVEs ### Total Number of included CVEs
```plain ```plain
232695 232697
``` ```
### CVEs added in the last Commit ### CVEs added in the last Commit
Recently added CVEs: `2` Recently added CVEs: `2`
* [CVE-2023-50463](CVE-2023/CVE-2023-504xx/CVE-2023-50463.json) (`2023-12-10T23:15:07.247`) * [CVE-2023-50465](CVE-2023/CVE-2023-504xx/CVE-2023-50465.json) (`2023-12-11T01:15:07.013`)
* [CVE-2023-6658](CVE-2023/CVE-2023-66xx/CVE-2023-6658.json) (`2023-12-10T23:15:07.313`) * [CVE-2023-6659](CVE-2023/CVE-2023-66xx/CVE-2023-6659.json) (`2023-12-11T01:15:07.073`)
### CVEs modified in the last Commit ### CVEs modified in the last Commit